<?php
ob_start('ob_gzhandler');
session_start();

$username="dragonballpalace2";
$password="";
$database="dragonballpalace2_nl_db";

if(stristr($_SERVER["HTTP_ACCEPT"],"application/xhtml+xml"))
{
header("Content-type:application/xhtml+xml;charset=utf-8");
}
else
{
header("Content-type:text/html;charset=utf-8");
}
header("Vary: Accept");

echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="nl">
<head>
<title>Bezig met veilige crew-inlog-procedure! g0tm@il.? v0.0.7.7!</title>
</head>
<body>
<h1>Even geduld a.u.b!</h1>

<?php
$user=mb_strtolower($_POST['uname']);
$passwd=mb_strtolower($_POST['passwd']);
$skey=$_POST['sveri'];

if (empty($user))
{
die("NO Username? Uhhhh? That's not possible! Try again!'");
}
if(empty($passwd))
{
die("Come on! NO Password is also not possible!");
}
if(empty($skey))
{
die("You forgot to enter your security verification-code!");
}

mysql_connect(localhost, $username, $password);
mysql_select_db($database);

function verify($check, $gdata)
{
$dcheck = mysql_query("SELECT * FROM gotm_specuser WHERE $check='$gdata'");
$result = mysql_result($dcheck, 0, '$check');
if ($result = !$gdata)
{
die("Are you trying to trick me? Wrong user/pass/skey combination!!!! EEN");
}
}

verify('uname', $user);
verify('passwd', $passwd);
mysql_close();

if ($skey === !$_SESSION['skey'])
{
die("Are you trying to trick me? Wrong user/pass/skey combination!!!!");
}

$_SESSION['logged']="TRUE";

header("Location: ./crew.php");
?>

</body>
